const Router = require('@koa/router');
const permissionController = require('../controllers/permission.controller');
const { checkAuth, checkPermission } = require('../middlewares/auth');

const router = new Router({
  prefix: '/api/v1/permissions'
});

/**
 * @swagger
 * /permissions:
 *   get:
 *     tags: [权限管理]
 *     summary: 获取权限列表
 *     description: 获取系统中所有权限的列表
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: query
 *         name: page
 *         schema:
 *           type: integer
 *           minimum: 1
 *           default: 1
 *         description: 页码
 *       - in: query
 *         name: limit
 *         schema:
 *           type: integer
 *           minimum: 1
 *           maximum: 100
 *           default: 10
 *         description: 每页数量
 *       - in: query
 *         name: type
 *         schema:
 *           type: string
 *           enum: [system, custom]
 *         description: 权限类型筛选
 *     responses:
 *       200:
 *         description: 获取成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 total:
 *                   type: integer
 *                   example: 50
 *                 pages:
 *                   type: integer
 *                   example: 5
 *                 current:
 *                   type: integer
 *                   example: 1
 *                 permissions:
 *                   type: array
 *                   items:
 *                     type: object
 *                     properties:
 *                       id:
 *                         type: string
 *                         example: "perm_001"
 *                       name:
 *                         type: string
 *                         example: "user:create"
 *                       description:
 *                         type: string
 *                         example: "创建用户的权限"
 *                       type:
 *                         type: string
 *                         example: "system"
 *                       createdAt:
 *                         type: string
 *                         format: date-time
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 */
router.get('/', checkAuth, checkPermission(['permission:read']), permissionController.getPermissions);

/**
 * @swagger
 * /permissions/{id}:
 *   get:
 *     tags: [权限管理]
 *     summary: 获取权限详情
 *     description: 获取指定权限的详细信息
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 权限ID
 *     responses:
 *       200:
 *         description: 获取成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 id:
 *                   type: string
 *                   example: "perm_001"
 *                 name:
 *                   type: string
 *                   example: "user:create"
 *                 description:
 *                   type: string
 *                   example: "创建用户的权限"
 *                 type:
 *                   type: string
 *                   example: "system"
 *                 roles:
 *                   type: array
 *                   items:
 *                     type: object
 *                     properties:
 *                       id:
 *                         type: string
 *                         example: "role_001"
 *                       name:
 *                         type: string
 *                         example: "管理员"
 *                 createdAt:
 *                   type: string
 *                   format: date-time
 *                 updatedAt:
 *                   type: string
 *                   format: date-time
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 权限不存在
 */
router.get('/:id', checkAuth, checkPermission(['permission:read']), permissionController.getPermission);

/**
 * @swagger
 * /permissions:
 *   post:
 *     tags: [权限管理]
 *     summary: 创建权限
 *     description: 创建新的权限
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - name
 *               - description
 *             properties:
 *               name:
 *                 type: string
 *                 description: 权限标识符（格式：资源:操作）
 *                 example: "user:create"
 *               description:
 *                 type: string
 *                 description: 权限描述
 *                 example: "创建用户的权限"
 *               type:
 *                 type: string
 *                 enum: [system, custom]
 *                 description: 权限类型
 *                 default: custom
 *                 example: "custom"
 *     responses:
 *       201:
 *         description: 创建成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 id:
 *                   type: string
 *                   example: "perm_001"
 *                 name:
 *                   type: string
 *                   example: "user:create"
 *                 description:
 *                   type: string
 *                   example: "创建用户的权限"
 *       400:
 *         description: 参数错误或权限已存在
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 */
router.post('/', checkAuth, checkPermission(['permission:create']), permissionController.createPermission);

/**
 * @swagger
 * /permissions/{id}:
 *   put:
 *     tags: [权限管理]
 *     summary: 更新权限
 *     description: 更新指定权限的信息
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 权限ID
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             properties:
 *               description:
 *                 type: string
 *                 description: 权限描述
 *                 example: "创建新用户的权限"
 *               type:
 *                 type: string
 *                 enum: [system, custom]
 *                 description: 权限类型
 *                 example: "custom"
 *     responses:
 *       200:
 *         description: 更新成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 权限更新成功
 *       400:
 *         description: 参数错误
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 权限不存在
 */
router.put('/:id', checkAuth, checkPermission(['permission:update']), permissionController.updatePermission);

/**
 * @swagger
 * /permissions/{id}:
 *   delete:
 *     tags: [权限管理]
 *     summary: 删除权限
 *     description: 删除指定的权限（系统权限不可删除）
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 权限ID
 *     responses:
 *       200:
 *         description: 删除成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 权限删除成功
 *       400:
 *         description: 系统权限不可删除
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 权限不存在
 */
router.delete('/:id', checkAuth, checkPermission(['permission:delete']), permissionController.deletePermission);

module.exports = router; 